ISSA - Information Systems Security Association

ISSA int Advanced Directory.png

The Information Systems Security Association (ISSA)® is a not-for-profit, international organization of information security professionals and practitioners. It provides educational forums, publications, and peer interaction opportunities that enhance the knowledge, skill, and professional growth of its members.

ISSA is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure.

Listen to learn how ISSA was founded in the early 80’s

ISSA Journal | Latest Edition

November 2019

Secure DevOps before DevSecOps
By Tony Rice - ISSA member, Raleigh Chapter

This article discusses the opportunities DevSecOps offers to stand up infrastructure in a consistent, secure way as well as move discovery of security flaws earlier and more often in the software development life cycle, with a back-to-basics view of securing access to these resources first.


DevSecOps: A Systemic Approach for Secure Software Development
By Seetharaman Jeganathan

The author reviews how security processes can be effectively embedded in the DevOps model to increase the success of IT projects in an organization.

Securing Terminology: Lessons from Interdisciplinary Research
By Delmer Nagy, Herbert Gomez, and Christopher Copeland

IT security is an inherently interdisciplinary practice. This creates an amalgam of terms, acronyms, and concepts potentially causing confusion. Given the evolving nature of terminology, the authors demonstrate how traditional communication strategies need to be reinforced to ensure that the knowledge of organizational stakeholders does not hinder organizational security efforts.

Changing the DevOps Culture One Security Scan at a Time
By Jon-Michael Lacek

This article discusses the ideology of information security being a roadblock when it comes to DevOps project management and execution and demonstrates that available pipeline plugins do not introduce significant delays into the release process and are able to identify the vulnerabilities detected by traditional application scanning tools.

The Python Programming Language: Relational Databases
By Constantinos Doskas - ISSA Senior Member, Northern Virginia Chapter

This article continues our discussion on database programming. In previous lessons we learned how to create SQL database tables, how to create INNER and LEFT JOIN, and how to ORDER the queries of tables by one or more columns. In this session we will learn how to combine data of multiple like tables and queries and create detailed or summary reports.

From the ISSA Journal Archive

  Live and On-Demand Webinars/Videos With ISSA International

  Conversations on ITSPmagazine

  Where Can You Find ISSA International?

  Latest News


Women's Society of Cyberjutsu

An ITSPmagazine Strategic Partner


Founded in 2012, the Women’s Society of Cyberjutsu (WSC) is a National 501(c)3 non-profit community, focused on empowering women to succeed in the cybersecurity industry. WSC’s mission is to advance women in cybersecurity careers by providing programs and partnerships that promote hands-on training, networking, education, mentoring, resource-sharing and other professional opportunities.

  News and Updates

SANS Immersion Academy 

Approximately 20-25 women will be selected and begin training in several groups during late July/early August, with graduation in February 2020. Applicants must be US citizens or permanent residents, and can be seniors in college or career changers that do not have a previous professional background in cybersecurity. For additional information, please review the attached PDF or Academy website

  Upcoming Events

  Podcasts on ITSP Radio

Cloud Academy


Our Platform is Redefining Training

Traditional approaches to training are no longer effective. Modern training must be practical, impactful, and measurable.

Digital skills are built at the intersection of knowledge, experience, and context. The fundamental building blocks of the training templates in our Library meet teams wherever they are along the cloud maturity curve, imparting the knowledge and experience needed to take them to the next level. Our training platform is intuitive and scalable. Most importantly, all training is easily customizable, which enables organizations to provide context and guidance for teams of any size. Teams leveraging Cloud Academy hit the ground running.

  Live and On-Demand Webinars With Cloud Academy

  Latest News From Cloud Academy

  Where Can You Find Cloud Academy?


Keywords: security training, security awareness, security training videos, machine learning, cloud training, devsecops training

Women in Security and Privacy (WISP)

WISPorg ITSPmagazine directory.jpeg


Women in Security & Privacy ("WISP") is a fiscally-sponsored project of Community Initiatives. Our mission is to advance, advocate for, and increase the participation of women in the Privacy and Information Security fields.

WISP Initiatives

Education: Help women identify and achieve the level of education and skills required to succeed in security and privacy positions across multiple industries.

Mentoring & Networking: Foster a community for knowledge-sharing, collaboration, mentorship, and networking.

Advancement: Support the career advancement of women in security and privacy.

Leadership: Increase thought leadership by women in security and privacy.

News and Other Updates

  Connect With WISP - Upcoming Events

  Contributions to ITSPmagazine, ITSP.TV, and ITSP Radio

Center for Cyber Security and International Relations Studies

Supported by The Cyber Society Column

New Adv Dir Logo Bugcrowd.jpeg

The Center for Cyber Security and International Relations Studies (CCSIRS) is part of the Department of Political Sciences of the University of Florence. Established in 2015, the CCSIRS aims at promoting and deepening the knowledge on cyberspace dynamics through a policy-oriented approach. More specifically, activities are focused on analyzing the influence that cyberspace exercises over both Italian national security and the international system's stability, peace and security.

The Center’s multidisciplinary approach succeeds in integrating the traditional fields of Social Sciences (politics, economics, law, strategic and military studies) and Computer Science. The analysis is conducted by Italian and international experts with variegated backgrounds.

The Center shapes its international activities by creating an ever-increasing solid network of public and private partnerships, aiming at guaranteeing excellent research. Through its established collaborations with numerous scholars, researchers, experts, consultants and students, the Center deals with the following topics:

Cyber Warfare | Cyber Diplomacy | Cyber Security | Cyber Crime
| Cyber Law | Cyber Intelligence | Cyber Terrorism | Digital Economy

In order to promote awareness on cyber security issues,
the Center offers:

Free access to its collection of publications, articles and academic papers.

A cyberspace-dedicated bibliographic selection of more than 3000 titles.

A free newsletter on national and global cybersecurity developments.

Brief analyses and daily updates are also offered through the Center’s social media.

  Podcasts on ITSP Radio


Coming Soon

  Upcoming Events

Coming Soon


Information Networking Institute, Carnegie Mellon University

CMU directory.jpg

Makers and thinkers, hackers and scholars, researchers and programmers – find your spark of genius at Carnegie Mellon University’s (CMU) Information Networking Institute (INI). 

The INI educates and develops engineers through technical, interdisciplinary master’s degree programs in information networking, security and mobility that incorporate business and policy perspectives. Whether you want to launch a tech start-up, join an enterprise R&D team or fight cyber-crime, at the INI you’ll gain the skills and experience necessary to realize those aspirations and much more. 

Apply now to the INI's graduate degree programs!

Earn your degree in information networking, security and mobility at Carnegie Mellon University.

Enhanced by real-world experience, the INI's unique combination of rigorous technical and practical industry-oriented topics will empower you to be one of the movers and shakers of the tech industry.

Our programs provide an advanced, specialized curriculum combining computer science, electrical and computer engineering, software engineering and information systems while incorporating business and policy perspectives.

Through flexible, interdisciplinary curricula, INI students can customize their program experience to help them realize their career aspirations.

  Their Story Articles and Podcasts

  Recent Contributions to ITSPmagazine

  Upcoming Events

Maryville University — Cybersecurity Program


Maryville University offers online cybersecurity programs through the Maryville Virtual Lab, a course delivery system that doubles as a virtual training ground. From any device, anywhere, students can hone their skills in a safe and protected environment. Most of our faculty members still work actively in cybersecurity, which helps us keep a fluid line of communication open with the marketplace. The Cybersecurity Program offers you a robust curriculum of specialty courses to boost your technical skill set. From studying drones to wireless network security to digital forensics, you can build the specialized expertise the industry is seeking.






Vector Solutions


Vector Solutions, a leader in eLearning and performance support, provides award-winning SaaS solutions for the architecture, engineering, construction (AEC), industrial, manufacturing, facilities management, public safety, IT and education industries. Its brands, RedVector, TargetSolutions, and SafeSchools, deliver continuing education (CE), training, technology and performance management solutions using the latest innovations in learning and technology to create safer, more capable, more compliant organizations. Its extensive online and mobile learning library exceeds more than 6,600 courses written by over 250 subject matter experts and reaches over 5 million professionals worldwide.

  Recent Contributions to ITSPmagazine



isc2 logo directory.jpg

(ISC)² is an international, nonprofit membership association for information security leaders like you. We’re committed to helping our members learn, grow and thrive. More than 130,000 certified members strong, we empower professionals who touch every aspect of information security.

  Upcoming Events


  Upcoming Webinars

  Recorded Webinars

  Latest News

  (ISC)² Sponsors The Following SMB Webcasts

Want More CPE Opportunities?

Graziadio School of Business, Pepperdine University

Pepperdine Directory Logo.jpg

To address the accelerating problem of cyber risk, an interdisciplinary team of CISOs, executives, and business thought leaders at Pepperdine Graziadio are providing a Cyber Risk Professional (CyRP) Certification.

CyRP is designed for business professionals and leaders regardless of technical background or the business verticals they work. Business leaders with this certification will be prepared to identify, evaluate, prepare for, and mitigate cyber security risk. CyRP is designed and taught by the same faculty who teach in the globally recognized Pepperdine Executive MBA program as well as CISOs from companies in Silicon Valley and professionals engaged in addressing cybersecurity across the US.


Protect Against the Growing Risks of Cybercrime

Become the driving force against the accelerating problem of potential cyber threats in your organization; earn the Cyber Risk Professional (CyRP) Certificate. Regardless of industry or technical background, CyRP will prepare business leaders to effectively identify, evaluate, prepare for and mitigate cybersecurity threats. The program highlights include:

  • CyRP is designed and taught by Pepperdine faculty and an interdisciplinary board of CISOs, executives and business thought leaders

  • Four comprehensive course modules

  • The certificate is equivalent to four continuing education credits

Upcoming CyRP Programs | Hybrid and Online

Hybrid Program Dates

Spring 2019
March 8-9, 2019 (Malibu)
April 19-20, 2019 (West LA)

Fall 2019
August 16-17, 2019 (Malibu)
September 20-21, 2019 (West LA)

Online Program Dates

Spring 2019
March 8 - April 20, 2019

Fall 2019
August 23 - September 28, 2019

A Unique Learning Experience With ITSPmagazine

CyRP is thrilled to partner with the team at ITSPmagazine to create a unique learning experience driven by the students and the ITSPmagazine expert contributor community. Some of the dedicated resources the students will find include:

  • Dedicated student, faculty, and community Q&A platform

  • CyRP-tailored experts corner articles and chronicles

  • Educational webcasts and podcasts

Expected Program Outcomes

The CyRP certification will equip you and other business leaders with the tools to be effective in the dialogue and management of cybersecurity risks. This certification will develop your understanding and expertise in:

  • The threat landscape

  • Cyber law

  • The "building to break" concept

  • Critical cyber risk frameworks

  • The risk-based approach to cybersecurity

  • Calculating the cost per breach, mitigation, and what this means for your bottom line

  • Incidence response

  • Strategic opportunities that strong cybersecurity brings

Additionally, this certification will provide you with the ability to answer the following questions:

  • How do I change my culture to embrace security?

  • What questions should I ask my board?

  • How much should I invest in security?

  • How do I speak to my executive team about cybersecurity?

  • What questions should I ask my CISO?

  • What does my board wish I would tell them about cybersecurity?

Who Should Enroll

Business leaders in any function or industry that need to be effective in the dialogue and management of cyber risk inside his or her organization should consider taking this course and earning this certification. If you are a business leader interested in positioning your company more effectively against cyber risk and even potentially lowering your cyber liability premiums, you should sign up and inquire about group rates for your departments, divisions, or colleagues.

Meet The CyRP Team

The CyRP program was designed by top professors, practitioners, leaders, and luminaries representing academia, government, and commercial organizations.

  Webcasts and Videos on ITSP TV

  Podcasts on ITSP Radio

  Latest News

  Upcoming Events


Campus Consortium


Campus Consortium is a leading education association with more than 37,000 higher education institutions and K-12 school district members. The Campus Consortium's mission is to help members reduce the time, cost and effort associated with implementing enterprise IT services by leveraging shared IT services, lessons learned and best practices so that each member can avoid reinventing the wheel.